You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2005/10/28 20:50:24 UTC
svn commit: r329268 - in /geronimo/trunk/modules/security/src:
java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
test/org/apache/geronimo/security/jaas/LoginSQLTest.java
Author: djencks
Date: Fri Oct 28 11:50:21 2005
New Revision: 329268
URL: http://svn.apache.org/viewcvs?rev=329268&view=rev
Log:
GERONIMO-409 Improve queries. change test to use improved queries
Modified:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java?rev=329268&r1=329267&r2=329268&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java Fri Oct 28 11:50:21 2005
@@ -80,9 +80,9 @@
try {
this.driver = (Driver) cl.loadClass((String) options.get(DRIVER)).newInstance();
} catch (ClassNotFoundException e) {
- throw new IllegalArgumentException("Driver class "+driver+" is not available. Perhaps you need to add it as a dependency in your deployment plan?");
- } catch(Exception e) {
- throw new IllegalArgumentException("Unable to load, instantiate, register driver "+driver+": "+e.getMessage());
+ throw new IllegalArgumentException("Driver class " + driver + " is not available. Perhaps you need to add it as a dependency in your deployment plan?");
+ } catch (Exception e) {
+ throw new IllegalArgumentException("Unable to load, instantiate, register driver " + driver + ": " + e.getMessage());
}
}
@@ -100,7 +100,7 @@
}
assert callbacks.length == 2;
cbUsername = ((NameCallback) callbacks[0]).getName();
- if(cbUsername == null || cbUsername.equals("")) {
+ if (cbUsername == null || cbUsername.equals("")) {
return false;
}
char[] provided = ((PasswordCallback) callbacks[1]).getPassword();
@@ -113,6 +113,10 @@
try {
PreparedStatement statement = conn.prepareStatement(userSelect);
try {
+ int count = statement.getParameterMetaData().getParameterCount();
+ for (int i = 1; i <= count; ++i) {
+ statement.setObject(i, cbUsername);
+ }
ResultSet result = statement.executeQuery();
try {
@@ -121,7 +125,7 @@
String userPassword = result.getString(2);
if (cbUsername.equals(userName) && ((cbPassword == null && userPassword == null) ||
- (cbPassword != null && userPassword != null && cbPassword.equals(userPassword)))) {
+ (cbPassword != null && userPassword != null && cbPassword.equals(userPassword)))) {
found = true;
break;
}
@@ -137,6 +141,10 @@
statement = conn.prepareStatement(groupSelect);
try {
+ int count = statement.getParameterMetaData().getParameterCount();
+ for (int i = 1; i <= count; ++i) {
+ statement.setObject(i, cbUsername);
+ }
ResultSet result = statement.executeQuery();
try {
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java?rev=329268&r1=329267&r2=329268&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java Fri Oct 28 11:50:21 2005
@@ -21,7 +21,6 @@
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;
-import java.util.Set;
import javax.management.ObjectName;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
@@ -91,8 +90,8 @@
props.put("jdbcDriver", "org.hsqldb.jdbcDriver");
props.put("jdbcUser", "loginmodule");
props.put("jdbcPassword", "password");
- props.put("userSelect", "SELECT UserName, Password FROM Users");
- props.put("groupSelect", "SELECT GroupName, UserName FROM Groups");
+ props.put("userSelect", "SELECT UserName, Password FROM Users where UserName = ?");
+ props.put("groupSelect", "SELECT GroupName, UserName FROM Groups where UserName = ?");
gbean.setAttribute("options", props);
gbean.setAttribute("loginDomainName", "SQLDomain");
gbean.setAttribute("wrapPrincipals", Boolean.TRUE);
@@ -147,8 +146,6 @@
Subject subject = context.getSubject();
assertTrue("expected non-null client-side subject", subject != null);
subject = ContextManager.getServerSideSubject(subject);
-
- Set test = subject.getPrincipals(DomainPrincipal.class);
assertTrue("expected non-null server-side subject", subject != null);
assertEquals("server-side subject should have seven principal", 7, subject.getPrincipals().size());